package com.modern.js.shiro;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.modern.js.entity.Employee;
import com.modern.js.mapper.EmployeeMapper;
import com.modern.js.pojo.AssistPojo;
import com.modern.js.service.IEmployeeService;
import com.modern.js.service.IPermissionService;
import com.modern.js.service.IRoleService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.List;

public class MyRealm extends AuthorizingRealm {
    @Autowired
    private IEmployeeService iEmployeeService;
    @Autowired
    private IRoleService iRoleService;
    @Autowired
    private IPermissionService iPermissionService;

    /**
     * 权限设置
     * @param principalCollection
     * @return
     */
   @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        // 获取登录用户名
        String name = (String) principalCollection.getPrimaryPrincipal();
        // 添加角色和权限
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        QueryWrapper<Employee> queryWrapper = new QueryWrapper<>();
        queryWrapper.eq("emp_name",name);
        Employee employee = iEmployeeService.getOne(queryWrapper);
        List<AssistPojo> assistPojo=iEmployeeService.selectById(employee.getEmpId());
        for (AssistPojo pojo :assistPojo) {
            authorizationInfo.addRole(iRoleService.getById(pojo.getRoleId()).getRoleName());
            for (AssistPojo rolePojo :iRoleService.roleById(pojo.getRoleId())) {
                // 添加权限
                authorizationInfo.addStringPermission(iPermissionService.getById(rolePojo.getPermId()).getPermission());
            }
        }
        return authorizationInfo;
    }

    /**
     * 登录认证
     * @param token
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        //获取用户的输入的账号.
        String empName = (String)token.getPrincipal();
        //通过username从数据库中查找 User对象，如果找到，没找到.
        //实际项目中，这里可以根据实际情况做缓存，如果不做，Shiro自己也是有时间间隔机制，2分钟内不会重复执行该方法
        QueryWrapper<Employee> queryWrapper = new QueryWrapper<>();
        queryWrapper.eq("emp_name",empName);
        Employee employee=iEmployeeService.getOne(queryWrapper);
        if(employee == null){
            return null;
        }
        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
                employee.getEmpName(), //用户名
                employee.getPwd(), //密码
                ByteSource.Util.bytes(employee.getSalt()),//salt=username+salt 获取迭代的次数
                getName()  //realm name
        );
        return authenticationInfo;
    }
}
